Commit Graph

257 Commits

Author SHA1 Message Date
Alf Helge Jakobsen b07cd5fbf6 systemd hardening for pvv-nettsiden-gallery-update.service (!90)
#133

Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/90
Reviewed-by: Oystein Kristoffer Tveit <oysteikt@pvv.ntnu.no>
Co-authored-by: Alf Helge Jakobsen <alfhj@stud.ntnu.no>
Co-committed-by: Alf Helge Jakobsen <alfhj@stud.ntnu.no>
2024-11-09 22:22:09 +01:00
Oystein Kristoffer Tveit 9e41c3374d Merge pull request 'bekkalokk/nginx: host `.well-known`' (!79) from move-well-known-to-bekkalokk into main
Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/79
Reviewed-by: Daniel Lovbrotte Olsen <danio@pvv.ntnu.no>
2024-10-20 01:35:22 +02:00
h7x4 f39fee4213
bekkalokk/nginx: host `.well-known` 2024-10-20 01:34:41 +02:00
Daniel Olsen 47ed79986c bicep/matrix: use sops templates for appservice registrations 2024-10-14 15:46:58 +02:00
Daniel Olsen 2c86a2d812 bicep/matrix/hookshot: More configuration 2024-10-14 00:13:15 +02:00
Daniel Olsen d4fd3f8332 bicep/matrix/hookshot: add nginx 2024-10-13 06:03:26 +02:00
Joakim Pettersvold c1833eb07c bicep/matrix/hookshot: Configure matrix-hookshot
Co-authored-by: Daniel Olsen <daniel.olsen99@gmail.com>
2024-10-13 05:50:22 +02:00
Finn Landweber 5ee23ef2e2 bicep/matrix/hookshot: Backported from nixpkgs
Co-authored-by: Joakim Pettersvold <joakimpokemeg@hotmail.no>
2024-10-13 05:50:22 +02:00
Oystein Kristoffer Tveit f5c16f46f1 Merge pull request 'disable-postgres-on-bekkalokk' (!85) from disable-postgres-on-bekkalokk into main
Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/85
Reviewed-by: Daniel Lovbrotte Olsen <danio@pvv.ntnu.no>
2024-10-13 02:34:45 +02:00
h7x4 aa71d497f1
bekkalokk/roundcube: add postgres password 2024-10-12 23:57:27 +02:00
fredrikr79 4fbd823be6 bekkalokk/roundcube: add `database.host` 2024-10-12 22:53:42 +02:00
Daniel Olsen 6c9e651e59 bekkalokk/gitea: Add important emoji reactions 2024-10-12 22:42:59 +02:00
Daniel Olsen a7fe2aabc5 bicep/matrix/coturn: disable ipv6 to fix the service running at all
coturn is just fundamentally broken, look at trying eturnal instead
2024-09-27 07:30:48 +02:00
Daniel Olsen cd23e35aac bicep/matrix: update module and remove deprecated options 2024-09-27 06:38:12 +02:00
Felix Albrigtsen 0f77a42e34 Grafana: Add Gitea Dashbaord [sic] 2024-09-14 20:28:35 +02:00
Felix Albrigtsen c64d28fc26 Prometheus: Monitor gitea metrics 2024-09-14 20:21:12 +02:00
Tony Yen 179d0743ce gitea: export metric issue #101 2024-09-14 19:26:25 +02:00
Daniel Olsen 47fa3759c3 buskerud: remove
This is now a proxmox machine :grr:
2024-09-05 18:00:42 +02:00
Daniel Olsen 3a37fefd4d fixup! Merge pull request 'Fix Ildkule/Openstack networking' (!75) from fix-openstack-networking into main 2024-09-05 14:24:40 +02:00
Daniel Olsen 47d7b88a05 ildkule/prometheus: consolidate scrape jobs and label with hostname for base info 2024-09-05 14:14:28 +02:00
Felix Albrigtsen ca287b95c9 Ildkule/openstack: fix networking
Removes systemd-networkd, and configures proper ipv4 and ipv6 in
openstack.
2024-09-05 00:24:22 +02:00
Daniel Olsen 669733309b ildkule: get systemd stats from more machines 2024-09-03 13:10:36 +02:00
Daniel Olsen 4ed12573ff ildkule: fix system activation by disabling smartd 2024-09-03 13:07:58 +02:00
Daniel Olsen 8418cc016c fix biceps systemd units failing on activation 2024-09-03 13:00:12 +02:00
Daniel Olsen b4c602e31c metrics: install systemd exporter 2024-09-02 23:12:24 +02:00
Daniel Olsen 3a0b8e270d bekkalokk/idp: Disallow bots 2024-09-02 23:11:44 +02:00
Daniel Olsen 201784fa21 bluemap on bekkalokk 💀 2024-09-02 15:11:32 +02:00
h7x4 b48230e811
bekkalokk/btrfs: scrubbalubba dubdub 2024-09-01 01:04:28 +02:00
Daniel Olsen 914eb35c5a add a route for /_synapse/admin, point mjolnir at it
This is whitelisted to just bicep

As a side-effect it's also much easier to use synapse-admin now
2024-09-01 00:34:42 +02:00
h7x4 8610a59f35
base.nix: split into multiple files 2024-08-31 22:28:17 +02:00
h7x4 bd42412b94 bekkalokk/gitea/import-users: refactor + add members to groups 2024-08-27 22:07:29 +02:00
Daniel Olsen ef3b146b58 bekkalokk/gitea: don't autowatch all members to all projects 2024-08-27 09:26:00 +02:00
h7x4 5b1c04e4b8 bicep/postgres: use snakeoil certs 2024-08-26 20:43:34 +02:00
h7x4 3fa7f67027 bekkalokk/gitea-web: host pages 2024-08-26 20:36:03 +02:00
h7x4 b0f555667c bekkalokk/gitea: set up gitea-web sync units 2024-08-26 20:36:03 +02:00
h7x4 945d53cdb4
bekkalokk/vaultwarden: systemd hardening 2024-08-22 22:59:32 +02:00
h7x4 cf3b62e01e
bekkalokk/phpfpm-*: systemd hardening 2024-08-22 22:58:48 +02:00
h7x4 f5c99b58c8
bicep/calendar-bot: reactivate 2024-08-15 23:22:50 +02:00
Øystein Tveit d64d8edd68 bekkalokk/gitea: add some extra tabs 2024-08-14 17:36:19 +02:00
Peder Bergebakken Sundt 9dbf5d56f5 fix whitespacing issues 2024-08-04 04:37:23 +02:00
Peder Bergebakken Sundt 1714681532 `statix fix` 2024-08-04 01:46:00 +02:00
Felix Albrigtsen 2030d4de39 fix-openstack-networking (!47)
Fix networking in Openstack.

This rewrites the systemd-networkd config, fixing both dhcp and manual address/route configurations.
Now, everything should behave predictably, routing NTNU-internal and NTNU-global addresses separately and properly across both ipv4 and ipv6.

Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/47
2024-07-31 11:23:00 +02:00
Felix Albrigtsen 615b5fc1f1 SimpleSAMLPHP/MediaWiki: Update deprecated --replace 2024-07-28 23:28:33 +02:00
Daniel Olsen 8f3013dc00 bekkalokk/gitea: direct non-logged-in users to the explore tab
This is a much more interesting page rather than trying to sell gitea
2024-07-19 21:19:06 +02:00
Øystein Tveit 868764e0cd bekkalokk/mediawiki: misc configuration 2024-07-10 19:04:55 +02:00
Øystein Tveit 7c3ff2068d bekkalokk/mediawiki: add some more extensions 2024-07-10 19:04:36 +02:00
Øystein Tveit f3a29429aa bekkalokk/gitea: set default email notification preference to 'onmention' 2024-07-10 00:18:01 +02:00
Øystein Tveit 1591fdb7cc bekkalokk/mediawiki: re-enable DeleteBatch extension 2024-07-08 19:56:43 +02:00
Øystein Tveit ed28ba28f3 bekkalokk/mediawiki: leave togglable debug flags for future use 2024-07-08 19:55:52 +02:00
h7x4 0301691b1c
gitea: enable notification mails 2024-07-04 20:41:46 +02:00